package com.liyao.storehouse.api.controller;

import cn.hutool.json.JSONObject;
import com.liyao.storehouse.api.base.ThirdPartyCallBaseController;
import com.liyao.storehouse.api.entity.Client;
import com.liyao.storehouse.api.service.IClientService;
import com.liyao.storehouse.api.utill.HmacSha256;
import com.liyao.storehouse.api.utill.R;
import com.liyao.storehouse.api.utill.SystemConfig;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Date;

@RestController
@RequestMapping("/api/booher/client")
public class ClientController extends ThirdPartyCallBaseController<Client> {

    @Resource
    private IClientService clientService;

    @GetMapping("/authToken")
    private R authToken(Client client, HttpServletRequest request) {
        String clientId = request.getHeader("X-Api-ClientID");
        String timeStamp = request.getHeader("X-Api-TimeStamp");
        String nonce = request.getHeader("X-Api-Nonce");
        String signature = request.getHeader("X-Api-Signature");
        if (!StringUtils.hasLength(clientId) || !StringUtils.hasLength(timeStamp) || !StringUtils.hasLength(nonce) || !StringUtils.hasLength(signature)) {
            JSONObject data = new JSONObject();
            data.putOpt("errcode", "1001");
            data.putOpt("errmsg", "请求头缺失");
            return R.ok().put("data", data);
        }

        String clientSecret = client.getClientSecret();
        if (!StringUtils.hasLength(clientSecret)) {
            JSONObject data = new JSONObject();
            data.putOpt("errcode", "1002");
            data.putOpt("errmsg", "参数缺失");
            return R.ok().put("data", data);
        }

        String sign = HmacSha256.hmacSha256ToBase64(clientId + timeStamp + nonce + clientSecret, clientSecret);
        if (!sign.equals(signature)) {
            JSONObject data = new JSONObject();
            data.putOpt("errcode", "1003");
            data.putOpt("errmsg", "签名有误");
            return R.ok().put("data", data);
        }

        client.setClientId(clientId);
        Client entity = clientService.getClientMes(client);
        if (entity == null) {
            JSONObject data = new JSONObject();
            data.putOpt("errcode", "1004");
            data.putOpt("errmsg", "clientId或clientSecret不正确");
            return R.ok().put("data", data);
        }

        long now = new Date().getTime() / 1000;
        String access_token = rsa.encrypt(clientId + "#" + now, SystemConfig.RSA_PUBLIC_KEY);

        JSONObject data = new JSONObject();
        data.putOpt("errcode", "0");
        data.putOpt("errmsg", "请求成功");
        data.putOpt("access_token", access_token);

        return R.ok().put("data", data);
    }

    @GetMapping("/jiemi")
    private R jiemi(String data,HttpServletRequest request){
        String aaa=request.getHeader("X-Api-Token");
        String mes=clientService.jiemi(aaa);
        return R.ok().put("data", mes);
    }
}
